11 matches found
Shr3dKit
This is a Red Team Tool Kit repository, specifically designed for penetration testing and red teaming activities. The tool kit is influenced by infosecn1nja's kit and includes a wide range of tools for reconnaissance, weaponization, and delivery. The repository contains a total size of 2.5+Gb and...
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MF...
Low-Detection Phishing Kits Increasingly Bypass MFA
More and more phishing kits are focusing on bypassing multi-factor authentication (MFA) methods, researchers have warned – typically by stealing authentication tokens via a man-in-the-middle (MiTM) attack. As MFA continues to see widespread consumer and business adoption – a full 78 percent of...
Reddit: Domain Takeover of Reddit.ru via DNS Hijacking
Summary: I discovered that Reddit.ru was vulnerable to DNS hijacking via DNS provider, Reg.ru. This would allow a malicious attacker to control the content on this domain, as well as, create email addresses associated with it... I'm going to be totally honest and say that any of us ethical hackers...
Phishing Tool Analysis: Modlishka
Additional research and support provided by Danny Wasserman. Overview: One of the goals of phishing sites is to lure individuals into providing sensitive data, such as personally identifiable information, banking and credit card details, and passwords, through the use of email, SMS, social media,...
Modlishka - An Open Source Phishing Tool With 2FA Authentication
Modlishka is a flexible and powerful reverse proxy, that will take your phishing campaigns to the next level with minimal effort required from your side. Enjoy :-) Features: Some of the most important 'Modlishka' features: Support for majority of 2FA authentication schemes by design. No website...
A week in security (January 21 – 27)
Last week on the Malwarebytes Labs blog, we took a look at Modlishka, the latest hurdle in two-factor authentication (2FA), the potential for abuse of push notifications, a malware-phishing combo by the name of CryTekk ransomware, and why we detect PUPs, but enforce the power of users' choice. We...
Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge
Multiple news reports about the defeat of two-factor authentication (2FA) have been making rounds lately. In November 2018, our friends at ESET discovered a purported Android battery utility tool called “Optimization Android” from a third-party app store. This app was designed to steal money from a...
Threatpost Survey Says: 2FA is Just Fine, But Go Ahead and Kill SMS
The author of a recently released penetration testing tool called Modlishka, which can bypass mainstream two-factor authentication (2FA), asked a provocative question in a recently published research note: “Is 2FA broken?” Since this isn’t the first example of how 2FA can be defeated, we asked...
Threatpost Poll: Can We Fix 2FA?
In the wake of the release of a penetration testing tool called Modlishka that shows how easy it is to bypass login protections for accounts protected by mainstream two-factor authentication (2FA), the tool’s author in his write-up asked, “is 2FA broken?” It’s a provocative question, so we asked...
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In
A penetration testing tool published by Polish security researcher Piotr Duszyński can bypass login protections for accounts protected by two-factor authentication (2FA). In his write-up on the tool, which is dubbed Modlishka, meaning “mantis” in English, he asked, “is 2FA broken?” It’s a question...